Use 2-factor authentication to access email. For example, use a password + a unique code texted to your phone for your email.
Don't immediately click links or open attachments in emails. Hackers can pretend to be from companies you know and use, so be sure before you click. Or better yet, go directly to the website in a web browser first. If you’re not expecting an email attachment or link, call or text the person who sent it to ensure it was really them.
Avoid uploading personal information online (like your bank account). Even if you know the company or website, be sure the device you are using is secure when you need to upload personal information.
Start new sessions in your browser frequently. Completely log out and close your browser when finishing a session. Clearing your browser history regularly is a good idea, too.